Automating scanning with fish shell

Automating scanning with fish shell

=======================HOST DISCOVERY===========================================
Host discovery con PING:
$ for octect in (seq 0 254)
  echo "Pinging [X.X.X.$octect]"
  ping -c 2 10.150.150.$octect | grep "bytes from" | awk '{print $4}' | uniq -d | cut -d ":" -f 1 | tee -a targets.list
end

Host discovery con NMAP IMCP o ARP

$sudo nmap -vv -sn -PE 10.150.150.0/24 -oG HOSTDISCOVERY_ICMP.gnmap 
ó
$sudo nmap -vv -sn -PR 10.150.150.0/24 -oG HOSTDISCOVERY_ARP.gnmap

$grep Up HOSTDISCOVERY_ARP.gnmap | awk '{print $2}' | tee -a targets.list
================================================================================

Scan FULL TCP a list of IP addresses.
$ for ip in (cat targets.list)
  mkdir $ip
  echo Scanning host: $ip 
  sudo nmap -vv -T4 -Pn -n -sSV --reason -p- $ip -oA $ip/{$ip}_FULL-TCP_(times)
  echo -e "================================================================================\n"
end

Get the grepeable files for further scans:
# $ find . -name \*.gnmap | cut -d "/" -f 2 | tee -a full_TCP.list #FOR PWD
$ find . -name \*.gnmap | tee -a full_TCP.list #FOR DIRECTORY PATHS

Scan only open ports with NSE.

$ for file in (cat full_TCP.list)
  echo Using file $file for scanning
  set ports (grep open $file | grep -Eo '[0-9]+/open' | cut -d "/" -f 1 | sed ':a;N;$!ba;s/\n/,/g')
  set ip (grep Up $file | awk '{print $2}')
  echo "Scanning [$ip] and ports [$ports]"
  sudo nmap -vv -T4 -Pn -n -sSV -A --reason --script="banner,exploit,vuln and not brute or dos" -p$ports $ip -oA $ip/{$ip}_TCP-SCRIPT_(times)
end

Hi! I have some questions to ask you and i felt you might be able to help me. I hope you can drop me an email, [email protected] (Jasmine). Thank you! :)

*i have replied you, let me know if you received it :)